gerrit.fd Code Review - vpp.git/commit

author	Neale Ranns <neale@graphiant.com>
	Thu, 25 Feb 2021 19:09:24 +0000 (19:09 +0000)
committer	Damjan Marion <dmarion@me.com>
	Fri, 5 Mar 2021 10:34:55 +0000 (10:34 +0000)
commit	f16e9a5507c33642ac04d4b1a8712f8fac238828
tree	4e38ba12c88fde939317d091f45026471f0f506b	tree \| snapshot
parent	fc81134a26458a8358483b0d2908a6b83afb7f11	commit \| diff

ipsec: Support async mode per-SA

Type: feature

This feautre only applies to ESP not AH SAs.
As well as the gobal switch for ayncs mode, allow individual SAs to be
async.
If global async is on, all SAs are async. If global async mode is off,
then if then an SA can be individually set to async. This preserves the
global switch behaviour.

the stratergy in the esp encrypt.decrypt nodes is to separate the frame
into, 1) sync buffers, 2) async buffers and 3) no-op buffers.
Sync buffer will undergo a cyrpto/ath operation, no-op will not, they
are dropped or handed-off.

Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ifc15b10b870b19413ad030ce7f92ed56275d6791

src/vnet/devices/pipe/pipe.c		diff \| blob \| history
src/vnet/ipsec/esp.h		diff \| blob \| history
src/vnet/ipsec/esp_decrypt.c		diff \| blob \| history
src/vnet/ipsec/esp_encrypt.c		diff \| blob \| history
src/vnet/ipsec/ipsec.c		diff \| blob \| history
src/vnet/ipsec/ipsec_api.c		diff \| blob \| history
src/vnet/ipsec/ipsec_cli.c		diff \| blob \| history
src/vnet/ipsec/ipsec_sa.c		diff \| blob \| history
src/vnet/ipsec/ipsec_sa.h		diff \| blob \| history
src/vnet/ipsec/ipsec_types.api		diff \| blob \| history
src/vnet/ipsec/ipsec_types_api.c		diff \| blob \| history
test/test_ipsec_esp.py		diff \| blob \| history